Infineon Introduces Chip Card Controllers for Improved Security of Electronic Identity Cards and Passports
Infineons SLE66CLX640P security controller is designed for tomorrows chip card-format electronic ID cards, while the SLE66CLX641P controller is intended for integration into electronic passports. Until now, chip cards have been designed for a maximum useful lifetime of five years, whereas electronic ID cards and passports are generally valid for ten years. Infineon has aimed its new controllers at precisely these requirements.
One of the biggest concerns today is how to safeguard data and protect against identity theft, said Dr. Juergen Kuttruff, Vice President & General Manager, Security at Infineons business group Secure Mobile Solutions. With the Infineon-enabled chips, electronic ID cards and passports will be much more secure than ID cards and passports today.
The most important requirement for identification documents is that all data is stored in a reliable form and as securely as possible. Infineons security controllers contain more than 50 individual security mechanisms built into the chip. This ensures that the stored data enjoys todays the best possible protection against manipulation and improper use.
Featuring a storage capacity of 64 kilobytes (Kb), both the new security controllers meet the provisions of the global Standard 9303-1, issued by the International Civil Aviation Organization (ICAO), which has laid down framework standards for globally valid travel documents for 188 countries. In line with the ICAO requirements for electronic travel documents, the encrypted data on both chips includes not just the details currently printed on ID papers, such as name, date of birth and period of validity, but also a number of biometric features, characteristics specific to the individual, which can be the face, the prints of one or more fingers, the image of the holders iris or a combination of these characteristics. Unlike today, the holders of future generations of ID cards may be sure that if they should lose their card it cannot be used without authorization.
Infineons chips are the only products in the world capable of supporting both of the contactless interface formats that dominate the marketplace, ISO/IEC 14443 Type A and Type B, which differ in the data transmission protocols they employ. This means that cards or passes containing Infineons security controller can be used worldwide, regardless of the reader infrastructure already installed or being set up.
Electronic ID cards can do moreTomorrows electronic ID cards will be suitable for a variety of applications. A multi-application card of this kind could integrate: a personal identity card, a drivers license, an e-government card with a digital signature for using special official services, a credit card, and a monthly commuter ticket for urban transportation systems.
Infineons SLE66CLX640P security chip keeps these applications and the associated data records securely separate from each other. In addition, it permits graduated access authorizations, so that only an authorized group of individuals may access or modify the data. This means that the holder need have no anxiety that the border guard examining their ID card is able to gain access to his or her tax return.
The SLE66CLX640P designed for use in the ID cards of the future performs the contactless transfer of data up to a distance of around ten centimeters from the reader or via electrical contacts directly to the reader. The SLE66CLX641P, on the other hand, which could be integrated into the laminated side of the electronic passport, along with the holders personal details, has a purely contactless interface.
Technical details of the security chipsThe two security chips SLE66CLX640P and SLE66CLX641P belong to Infineons 66Plus family of 16-bit chip card controllers. In order to meet the exacting security requirements of identity cards, the chip card controllers offer numerous physical protection functions, such as an active shield feature and encryption functionality. Also on offer is the sectors most effective protection to date against so-called DPA/SPA (Differential Power Analysis / Simple Power Analysis) attacks, which involve hackers attempting to read the information off the chip by applying different voltages to it.
The Memory Management Unit (MMU) of the chips contains hardware firewalls, in order to keep the applications and other system software securely and reliably separate from each other. The security controllers calculate symmetrical algorithms such as DES (Data Encryption Standard) and Triple-DES. They offer a powerful crypto-coprocessor, which permits the calculation of asymmetrical algorithms like RSA (Rivest, Shamir, Adleman) and elliptical curves.
Tens of millions of examples of the forerunners to the two chips being launched now are already in use in ID projects. These include electronic ID cards in Macao, Hong Kong, Oman, Italy and the US Department of Defense, as well as the national healthcare cards in Taiwan and Italy.
The security controllers are being developed in Infineons center of excellence for contactless technology in Graz, Austria. Here, Infineon is creating about 30 new jobs in development, marketing and application technology for chip card applications. The chip package, specially developed for the requirements of ID cards and passports, originates in Regensburg, Germany, along with the inlay consisting of the antenna and its connection to the chip. Infineon believes it is the only semiconductor manufacturer to design the chip, the package, which has been specially designed for identification documents, as well as the inlay in line with the demanding requirements of security documents.
For further information on Infineons product portfolio of security and chip card ICs, please got to: www.infineon.com/security_and_chipcard_ics